Changeset 245239 in webkit

Timestamp:

May 13, 2019 10:32:31 AM (5 years ago)

Author:

ysuzuki@apple.com

Message:

[JSC] Compress miscelaneous JIT related data structures with Packed<>
​https://bugs.webkit.org/show_bug.cgi?id=197830

Reviewed by Saam Barati.

Source/JavaScriptCore:

This patch leverages Packed<> to compress miscelaneous data structures related to JIT.

1. JIT IC data structures

2. ValueRecovery

We use Packed<> for EncodedJSValue in ValueRecovery. This means that conservative GC cannot find
these values. But this is OK anyway since ValueRecovery's constant should be already registered
in DFG graph. From 16 (alignment 8) to 9 (alignment 1).

3. FTL::ExitValue

We use Packed<> for EncodedJSValue in FTL::ExitValue. This is also OK since this constant should
be already registered by DFG/FTL graph. From 16 (alignment 8) to 9 (alignment 1).

• assembler/CodeLocation.h:
• bytecode/ByValInfo.h:
• bytecode/CallLinkInfo.cpp:

(JSC::CallLinkInfo::CallLinkInfo):
(JSC::CallLinkInfo::callReturnLocation):

• bytecode/CallLinkInfo.h:

(JSC::CallLinkInfo::nearCallMode const):

• bytecode/CodeBlock.cpp:

(JSC::CodeBlock::addJITAddIC):
(JSC::CodeBlock::addJITMulIC):
(JSC::CodeBlock::addJITSubIC):
(JSC::CodeBlock::addJITNegIC):

• bytecode/CodeBlock.h:

(JSC::CodeBlock::addMathIC):

• bytecode/InlineCallFrame.h:

(JSC::InlineCallFrame::InlineCallFrame):

• bytecode/ValueRecovery.h:

(JSC::ValueRecovery::inGPR):
(JSC::ValueRecovery::inPair):
(JSC::ValueRecovery::inFPR):
(JSC::ValueRecovery::displacedInJSStack):
(JSC::ValueRecovery::constant):
(JSC::ValueRecovery::directArgumentsThatWereNotCreated):
(JSC::ValueRecovery::clonedArgumentsThatWereNotCreated):
(JSC::ValueRecovery::gpr const):
(JSC::ValueRecovery::tagGPR const):
(JSC::ValueRecovery::payloadGPR const):
(JSC::ValueRecovery::fpr const):
(JSC::ValueRecovery::virtualRegister const):
(JSC::ValueRecovery::withLocalsOffset const):
(JSC::ValueRecovery::constant const):
(JSC::ValueRecovery::nodeID const):

• dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileValueAdd):
(JSC::DFG::SpeculativeJIT::compileValueSub):
(JSC::DFG::SpeculativeJIT::compileValueNegate):
(JSC::DFG::SpeculativeJIT::compileValueMul):

• ftl/FTLExitValue.cpp:

(JSC::FTL::ExitValue::materializeNewObject):

• ftl/FTLExitValue.h:

(JSC::FTL::ExitValue::inJSStack):
(JSC::FTL::ExitValue::inJSStackAsInt32):
(JSC::FTL::ExitValue::inJSStackAsInt52):
(JSC::FTL::ExitValue::inJSStackAsDouble):
(JSC::FTL::ExitValue::constant):
(JSC::FTL::ExitValue::exitArgument):
(JSC::FTL::ExitValue::exitArgument const):
(JSC::FTL::ExitValue::adjustStackmapLocationsIndexByOffset):
(JSC::FTL::ExitValue::constant const):
(JSC::FTL::ExitValue::virtualRegister const):
(JSC::FTL::ExitValue::objectMaterialization const):
(JSC::FTL::ExitValue::withVirtualRegister const):

• ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileValueAdd):
(JSC::FTL::DFG::LowerDFGToB3::compileValueSub):
(JSC::FTL::DFG::LowerDFGToB3::compileValueMul):
(JSC::FTL::DFG::LowerDFGToB3::compileUnaryMathIC):
(JSC::FTL::DFG::LowerDFGToB3::compileBinaryMathIC):
(JSC::FTL::DFG::LowerDFGToB3::compileArithAddOrSub):
(JSC::FTL::DFG::LowerDFGToB3::compileValueNegate):

• jit/CachedRecovery.h:
• jit/CallFrameShuffleData.h:
• jit/JITArithmetic.cpp:

(JSC::JIT::emit_op_negate):
(JSC::JIT::emit_op_add):
(JSC::JIT::emit_op_mul):
(JSC::JIT::emit_op_sub):

• jit/JITMathIC.h:

(JSC::isProfileEmpty):
(JSC::JITBinaryMathIC::JITBinaryMathIC):
(JSC::JITUnaryMathIC::JITUnaryMathIC):

• jit/PolymorphicCallStubRoutine.h:

(JSC::PolymorphicCallNode::hasCallLinkInfo):

• jit/SnippetOperand.h:

(JSC::SnippetOperand::asRawBits const):
(JSC::SnippetOperand::asConstInt32 const):
(JSC::SnippetOperand::asConstDouble const):
(JSC::SnippetOperand::setConstInt32):
(JSC::SnippetOperand::setConstDouble):

Source/WTF:

• wtf/Packed.h:

(WTF::alignof):

Location:

trunk/Source

Files:

• JavaScriptCore/ChangeLog (modified) (1 diff)
• JavaScriptCore/assembler/CodeLocation.h (modified) (2 diffs)
• JavaScriptCore/bytecode/ByValInfo.h (modified) (1 diff)
• JavaScriptCore/bytecode/CallLinkInfo.cpp (modified) (2 diffs)
• JavaScriptCore/bytecode/CallLinkInfo.h (modified) (5 diffs)
• JavaScriptCore/bytecode/CodeBlock.cpp (modified) (1 diff)
• JavaScriptCore/bytecode/CodeBlock.h (modified) (2 diffs)
• JavaScriptCore/bytecode/InlineCallFrame.h (modified) (2 diffs)
• JavaScriptCore/bytecode/ValueRecovery.h (modified) (18 diffs)
• JavaScriptCore/dfg/DFGSpeculativeJIT.cpp (modified) (4 diffs)
• JavaScriptCore/ftl/FTLExitValue.cpp (modified) (1 diff)
• JavaScriptCore/ftl/FTLExitValue.h (modified) (14 diffs)
• JavaScriptCore/ftl/FTLLowerDFGToB3.cpp (modified) (8 diffs)
• JavaScriptCore/jit/CachedRecovery.h (modified) (1 diff)
• JavaScriptCore/jit/CallFrameShuffleData.h (modified) (2 diffs)
• JavaScriptCore/jit/JITArithmetic.cpp (modified) (4 diffs)
• JavaScriptCore/jit/JITMathIC.h (modified) (5 diffs)
• JavaScriptCore/jit/PolymorphicCallStubRoutine.h (modified) (2 diffs)
• JavaScriptCore/jit/SnippetOperand.h (modified) (6 diffs)
• WTF/ChangeLog (modified) (1 diff)
• WTF/wtf/Packed.h (modified) (1 diff)

trunk/Source/JavaScriptCore/ChangeLog

@@ +1 @@
+2019-05-13  Yusuke Suzuki  <ysuzuki@apple.com>
+
+        [JSC] Compress miscelaneous JIT related data structures with Packed<>
+        https://bugs.webkit.org/show_bug.cgi?id=197830
+
+        Reviewed by Saam Barati.
+
+        This patch leverages Packed<> to compress miscelaneous data structures related to JIT.
+
+        1. JIT IC data structures
+
+        2. ValueRecovery
+
+            We use Packed<> for EncodedJSValue in ValueRecovery. This means that conservative GC cannot find
+            these values. But this is OK anyway since ValueRecovery's constant should be already registered
+            in DFG graph. From 16 (alignment 8) to 9 (alignment 1).
+
+        3. FTL::ExitValue
+
+            We use Packed<> for EncodedJSValue in FTL::ExitValue. This is also OK since this constant should
+            be already registered by DFG/FTL graph. From 16 (alignment 8) to 9 (alignment 1).
+
+        * assembler/CodeLocation.h:
+        * bytecode/ByValInfo.h:
+        * bytecode/CallLinkInfo.cpp:
+        (JSC::CallLinkInfo::CallLinkInfo):
+        (JSC::CallLinkInfo::callReturnLocation):
+        * bytecode/CallLinkInfo.h:
+        (JSC::CallLinkInfo::nearCallMode const):
+        * bytecode/CodeBlock.cpp:
+        (JSC::CodeBlock::addJITAddIC):
+        (JSC::CodeBlock::addJITMulIC):
+        (JSC::CodeBlock::addJITSubIC):
+        (JSC::CodeBlock::addJITNegIC):
+        * bytecode/CodeBlock.h:
+        (JSC::CodeBlock::addMathIC):
+        * bytecode/InlineCallFrame.h:
+        (JSC::InlineCallFrame::InlineCallFrame):
+        * bytecode/ValueRecovery.h:
+        (JSC::ValueRecovery::inGPR):
+        (JSC::ValueRecovery::inPair):
+        (JSC::ValueRecovery::inFPR):
+        (JSC::ValueRecovery::displacedInJSStack):
+        (JSC::ValueRecovery::constant):
+        (JSC::ValueRecovery::directArgumentsThatWereNotCreated):
+        (JSC::ValueRecovery::clonedArgumentsThatWereNotCreated):
+        (JSC::ValueRecovery::gpr const):
+        (JSC::ValueRecovery::tagGPR const):
+        (JSC::ValueRecovery::payloadGPR const):
+        (JSC::ValueRecovery::fpr const):
+        (JSC::ValueRecovery::virtualRegister const):
+        (JSC::ValueRecovery::withLocalsOffset const):
+        (JSC::ValueRecovery::constant const):
+        (JSC::ValueRecovery::nodeID const):
+        * dfg/DFGSpeculativeJIT.cpp:
+        (JSC::DFG::SpeculativeJIT::compileValueAdd):
+        (JSC::DFG::SpeculativeJIT::compileValueSub):
+        (JSC::DFG::SpeculativeJIT::compileValueNegate):
+        (JSC::DFG::SpeculativeJIT::compileValueMul):
+        * ftl/FTLExitValue.cpp:
+        (JSC::FTL::ExitValue::materializeNewObject):
+        * ftl/FTLExitValue.h:
+        (JSC::FTL::ExitValue::inJSStack):
+        (JSC::FTL::ExitValue::inJSStackAsInt32):
+        (JSC::FTL::ExitValue::inJSStackAsInt52):
+        (JSC::FTL::ExitValue::inJSStackAsDouble):
+        (JSC::FTL::ExitValue::constant):
+        (JSC::FTL::ExitValue::exitArgument):
+        (JSC::FTL::ExitValue::exitArgument const):
+        (JSC::FTL::ExitValue::adjustStackmapLocationsIndexByOffset):
+        (JSC::FTL::ExitValue::constant const):
+        (JSC::FTL::ExitValue::virtualRegister const):
+        (JSC::FTL::ExitValue::objectMaterialization const):
+        (JSC::FTL::ExitValue::withVirtualRegister const):
+        * ftl/FTLLowerDFGToB3.cpp:
+        (JSC::FTL::DFG::LowerDFGToB3::compileValueAdd):
+        (JSC::FTL::DFG::LowerDFGToB3::compileValueSub):
+        (JSC::FTL::DFG::LowerDFGToB3::compileValueMul):
+        (JSC::FTL::DFG::LowerDFGToB3::compileUnaryMathIC):
+        (JSC::FTL::DFG::LowerDFGToB3::compileBinaryMathIC):
+        (JSC::FTL::DFG::LowerDFGToB3::compileArithAddOrSub):
+        (JSC::FTL::DFG::LowerDFGToB3::compileValueNegate):
+        * jit/CachedRecovery.h:
+        * jit/CallFrameShuffleData.h:
+        * jit/JITArithmetic.cpp:
+        (JSC::JIT::emit_op_negate):
+        (JSC::JIT::emit_op_add):
+        (JSC::JIT::emit_op_mul):
+        (JSC::JIT::emit_op_sub):
+        * jit/JITMathIC.h:
+        (JSC::isProfileEmpty):
+        (JSC::JITBinaryMathIC::JITBinaryMathIC):
+        (JSC::JITUnaryMathIC::JITUnaryMathIC):
+        * jit/PolymorphicCallStubRoutine.h:
+        (JSC::PolymorphicCallNode::hasCallLinkInfo):
+        * jit/SnippetOperand.h:
+        (JSC::SnippetOperand::asRawBits const):
+        (JSC::SnippetOperand::asConstInt32 const):
+        (JSC::SnippetOperand::asConstDouble const):
+        (JSC::SnippetOperand::setConstInt32):
+        (JSC::SnippetOperand::setConstDouble):
+
 2019-05-12  Yusuke Suzuki  <ysuzuki@apple.com>
 

trunk/Source/JavaScriptCore/assembler/CodeLocation.h

@@ -32 +32 @@
 namespace JSC {
 
-enum NearCallMode { Regular, Tail };
+enum class NearCallMode : uint8_t { Regular, Tail };
 
 template<PtrTag> class CodeLocationInstruction;
@@ -154 +154 @@
     NearCallMode callMode() { return m_callMode; }
 private:
-    NearCallMode m_callMode = NearCallMode::Regular;
+    NearCallMode m_callMode { NearCallMode::Regular };
 };
 

trunk/Source/JavaScriptCore/bytecode/ByValInfo.h

@@ -40 +40 @@
 class StructureStubInfo;
 
-enum JITArrayMode {
+enum JITArrayMode : uint8_t {
     JITInt32,
     JITDouble,

trunk/Source/JavaScriptCore/bytecode/CallLinkInfo.cpp

@@ -64 +64 @@
     , m_callType(None)
     , m_calleeGPR(255)
-    , m_maxNumArguments(0)
-    , m_slowPathCount(0)
 {
 }
@@ -101 +99 @@
 {
     RELEASE_ASSERT(!isDirect());
-    return CodeLocationNearCall<JSInternalPtrTag>(m_callReturnLocationOrPatchableJump, Regular);
+    return CodeLocationNearCall<JSInternalPtrTag>(m_callReturnLocationOrPatchableJump, NearCallMode::Regular);
 }
 

trunk/Source/JavaScriptCore/bytecode/CallLinkInfo.h

@@ -42 +42 @@
 struct CallFrameShuffleData;
 
-class CallLinkInfo : public BasicRawSentinelNode<CallLinkInfo> {
+class CallLinkInfo : public PackedRawSentinelNode<CallLinkInfo> {
 public:
     enum CallType {
@@ -147 +147 @@
     NearCallMode nearCallMode() const
     {
-        return isTailCall() ? Tail : Regular;
+        return isTailCall() ? NearCallMode::Tail : NearCallMode::Regular;
     }
 
@@ -348 +348 @@
 
 private:
+    uint32_t m_maxNumArguments { 0 }; // For varargs: the profiled maximum number of arguments. For direct: the number of stack slots allocated for arguments.
     CodeLocationLabel<JSInternalPtrTag> m_callReturnLocationOrPatchableJump;
     CodeLocationLabel<JSInternalPtrTag> m_hotPathBeginOrSlowPathStart;
@@ -356 +357 @@
     RefPtr<JITStubRoutine> m_slowStub;
     std::unique_ptr<CallFrameShuffleData> m_frameShuffleData;
+    CodeOrigin m_codeOrigin;
     bool m_hasSeenShouldRepatch : 1;
     bool m_hasSeenClosure : 1;
@@ -364 +366 @@
     unsigned m_callType : 4; // CallType
     unsigned m_calleeGPR : 8;
-    uint32_t m_maxNumArguments; // For varargs: the profiled maximum number of arguments. For direct: the number of stack slots allocated for arguments.
-    uint32_t m_slowPathCount;
-    CodeOrigin m_codeOrigin;
+    uint32_t m_slowPathCount { 0 };
 };
 

trunk/Source/JavaScriptCore/bytecode/CodeBlock.cpp

@@ -1428 +1428 @@
 }
 
-JITAddIC* CodeBlock::addJITAddIC(ArithProfile* arithProfile, const Instruction* instruction)
+JITAddIC* CodeBlock::addJITAddIC(ArithProfile* arithProfile)
 {
     ConcurrentJSLocker locker(m_lock);
-    return ensureJITData(locker).m_addICs.add(arithProfile, instruction);
-}
-
-JITMulIC* CodeBlock::addJITMulIC(ArithProfile* arithProfile, const Instruction* instruction)
+    return ensureJITData(locker).m_addICs.add(arithProfile);
+}
+
+JITMulIC* CodeBlock::addJITMulIC(ArithProfile* arithProfile)
 {
     ConcurrentJSLocker locker(m_lock);
-    return ensureJITData(locker).m_mulICs.add(arithProfile, instruction);
-}
-
-JITSubIC* CodeBlock::addJITSubIC(ArithProfile* arithProfile, const Instruction* instruction)
+    return ensureJITData(locker).m_mulICs.add(arithProfile);
+}
+
+JITSubIC* CodeBlock::addJITSubIC(ArithProfile* arithProfile)
 {
     ConcurrentJSLocker locker(m_lock);
-    return ensureJITData(locker).m_subICs.add(arithProfile, instruction);
-}
-
-JITNegIC* CodeBlock::addJITNegIC(ArithProfile* arithProfile, const Instruction* instruction)
+    return ensureJITData(locker).m_subICs.add(arithProfile);
+}
+
+JITNegIC* CodeBlock::addJITNegIC(ArithProfile* arithProfile)
 {
     ConcurrentJSLocker locker(m_lock);
-    return ensureJITData(locker).m_negICs.add(arithProfile, instruction);
+    return ensureJITData(locker).m_negICs.add(arithProfile);
 }
 

trunk/Source/JavaScriptCore/bytecode/CodeBlock.h

@@ -262 +262 @@
         Bag<ByValInfo> m_byValInfos;
         Bag<CallLinkInfo> m_callLinkInfos;
-        SentinelLinkedList<CallLinkInfo, BasicRawSentinelNode<CallLinkInfo>> m_incomingCalls;
-        SentinelLinkedList<PolymorphicCallNode, BasicRawSentinelNode<PolymorphicCallNode>> m_incomingPolymorphicCalls;
+        SentinelLinkedList<CallLinkInfo, PackedRawSentinelNode<CallLinkInfo>> m_incomingCalls;
+        SentinelLinkedList<PolymorphicCallNode, PackedRawSentinelNode<PolymorphicCallNode>> m_incomingPolymorphicCalls;
         SegmentedVector<RareCaseProfile, 8> m_rareCaseProfiles;
         std::unique_ptr<PCToCodeOriginMap> m_pcToCodeOriginMap;
@@ -278 +278 @@
     JITData& ensureJITDataSlow(const ConcurrentJSLocker&);
 
-    JITAddIC* addJITAddIC(ArithProfile*, const Instruction*);
-    JITMulIC* addJITMulIC(ArithProfile*, const Instruction*);
-    JITNegIC* addJITNegIC(ArithProfile*, const Instruction*);
-    JITSubIC* addJITSubIC(ArithProfile*, const Instruction*);
+    JITAddIC* addJITAddIC(ArithProfile*);
+    JITMulIC* addJITMulIC(ArithProfile*);
+    JITNegIC* addJITNegIC(ArithProfile*);
+    JITSubIC* addJITSubIC(ArithProfile*);
 
     template <typename Generator, typename = typename std::enable_if<std::is_same<Generator, JITAddGenerator>::value>::type>
-    JITAddIC* addMathIC(ArithProfile* profile, const Instruction* instruction) { return addJITAddIC(profile, instruction); }
+    JITAddIC* addMathIC(ArithProfile* profile) { return addJITAddIC(profile); }
 
     template <typename Generator, typename = typename std::enable_if<std::is_same<Generator, JITMulGenerator>::value>::type>
-    JITMulIC* addMathIC(ArithProfile* profile, const Instruction* instruction) { return addJITMulIC(profile, instruction); }
+    JITMulIC* addMathIC(ArithProfile* profile) { return addJITMulIC(profile); }
 
     template <typename Generator, typename = typename std::enable_if<std::is_same<Generator, JITNegGenerator>::value>::type>
-    JITNegIC* addMathIC(ArithProfile* profile, const Instruction* instruction) { return addJITNegIC(profile, instruction); }
+    JITNegIC* addMathIC(ArithProfile* profile) { return addJITNegIC(profile); }
 
     template <typename Generator, typename = typename std::enable_if<std::is_same<Generator, JITSubGenerator>::value>::type>
-    JITSubIC* addMathIC(ArithProfile* profile, const Instruction* instruction) { return addJITSubIC(profile, instruction); }
+    JITSubIC* addMathIC(ArithProfile* profile) { return addJITSubIC(profile); }
 
     StructureStubInfo* addStubInfo(AccessType);

trunk/Source/JavaScriptCore/bytecode/InlineCallFrame.h

@@ -178 +178 @@
     Vector<ValueRecovery> argumentsWithFixup; // Includes 'this' and arity fixups.
     WriteBarrier<CodeBlock> baselineCodeBlock;
-    ValueRecovery calleeRecovery;
     CodeOrigin directCaller;
 
-    unsigned argumentCountIncludingThis; // Do not include fixups.
+    unsigned argumentCountIncludingThis { 0 }; // Do not include fixups.
     signed stackOffset : 28;
     unsigned kind : 3; // real type is Kind
     bool isClosureCall : 1; // If false then we know that callee/scope are constants and the DFG won't treat them as variables, i.e. they have to be recovered manually.
     VirtualRegister argumentCountRegister; // Only set when we inline a varargs call.
+
+    ValueRecovery calleeRecovery;
     
     // There is really no good notion of a "default" set of values for
@@ -191 +192 @@
     // we forgot to initialize explicitly.
     InlineCallFrame()
-        : argumentCountIncludingThis(0)
-        , stackOffset(0)
+        : stackOffset(0)
         , kind(Call)
         , isClosureCall(false)

trunk/Source/JavaScriptCore/bytecode/ValueRecovery.h

@@ -44 +44 @@
 // Describes how to recover a given bytecode virtual register at a given
 // code point.
-enum ValueRecoveryTechnique {
+enum ValueRecoveryTechnique : uint8_t {
     // It's in a register.
     InGPR,
@@ -117 +117 @@
         else
             result.m_technique = InGPR;
-        result.m_source.gpr = gpr;
+        UnionType u;
+        u.gpr = gpr;
+        result.m_source = WTFMove(u);
         return result;
     }
@@ -126 +128 @@
         ValueRecovery result;
         result.m_technique = InPair;
-        result.m_source.pair.tagGPR = tagGPR;
-        result.m_source.pair.payloadGPR = payloadGPR;
+        UnionType u;
+        u.pair.tagGPR = tagGPR;
+        u.pair.payloadGPR = payloadGPR;
+        result.m_source = WTFMove(u);
         return result;
     }
@@ -140 +144 @@
         else
             result.m_technique = InFPR;
-        result.m_source.fpr = fpr;
+        UnionType u;
+        u.fpr = fpr;
+        result.m_source = WTFMove(u);
         return result;
     }
@@ -177 +183 @@
             break;
         }
-        result.m_source.virtualReg = virtualReg.offset();
+        UnionType u;
+        u.virtualReg = virtualReg.offset();
+        result.m_source = WTFMove(u);
         return result;
     }
@@ -185 +193 @@
         ValueRecovery result;
         result.m_technique = Constant;
-        result.m_source.constant = JSValue::encode(value);
+        UnionType u;
+        u.constant = JSValue::encode(value);
+        result.m_source = WTFMove(u);
         return result;
     }
@@ -193 +203 @@
         ValueRecovery result;
         result.m_technique = DirectArgumentsThatWereNotCreated;
-        result.m_source.nodeID = id.bits();
+        UnionType u;
+        u.nodeID = id.bits();
+        result.m_source = WTFMove(u);
         return result;
     }
@@ -201 +213 @@
         ValueRecovery result;
         result.m_technique = ClonedArgumentsThatWereNotCreated;
-        result.m_source.nodeID = id.bits();
+        UnionType u;
+        u.nodeID = id.bits();
+        result.m_source = WTFMove(u);
         return result;
     }
@@ -293 +307 @@
     {
         ASSERT(isInGPR());
-        return m_source.gpr;
+        return m_source.get().gpr;
     }
     
@@ -300 +314 @@
     {
         ASSERT(m_technique == InPair);
-        return m_source.pair.tagGPR;
+        return m_source.get().pair.tagGPR;
     }
     
@@ -306 +320 @@
     {
         ASSERT(m_technique == InPair);
-        return m_source.pair.payloadGPR;
+        return m_source.get().pair.payloadGPR;
     }
 
@@ -331 +345 @@
     {
         ASSERT(isInFPR());
-        return m_source.fpr;
+        return m_source.get().fpr;
     }
     
@@ -337 +351 @@
     {
         ASSERT(isInJSStack());
-        return VirtualRegister(m_source.virtualReg);
+        return VirtualRegister(m_source.get().virtualReg);
     }
     
@@ -352 +366 @@
             ValueRecovery result;
             result.m_technique = m_technique;
-            result.m_source.virtualReg = m_source.virtualReg + offset;
+            UnionType u;
+            u.virtualReg = m_source.get().virtualReg + offset;
+            result.m_source = WTFMove(u);
             return result;
         }
@@ -364 +380 @@
     {
         ASSERT(isConstant());
-        return JSValue::decode(m_source.constant);
+        return JSValue::decode(m_source.get().constant);
     }
     
@@ -370 +386 @@
     {
         ASSERT(m_technique == DirectArgumentsThatWereNotCreated || m_technique == ClonedArgumentsThatWereNotCreated);
-        return DFG::MinifiedID::fromBits(m_source.nodeID);
+        return DFG::MinifiedID::fromBits(m_source.get().nodeID);
     }
     
@@ -409 +425 @@
 private:
     ValueRecoveryTechnique m_technique;
-    union {
+    union UnionType {
         MacroAssembler::RegisterID gpr;
         MacroAssembler::FPRegisterID fpr;
@@ -421 +437 @@
         EncodedJSValue constant;
         unsigned nodeID;
-    } m_source;
+    };
+    Packed<UnionType> m_source;
 };
+static_assert(alignof(ValueRecovery) == 1);
 
 } // namespace JSC

trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp

@@ -3954 +3954 @@
     unsigned bytecodeIndex = node->origin.semantic.bytecodeIndex();
     ArithProfile* arithProfile = baselineCodeBlock->arithProfileForBytecodeOffset(bytecodeIndex);
-    const Instruction* instruction = baselineCodeBlock->instructions().at(bytecodeIndex).ptr();
-    JITAddIC* addIC = m_jit.codeBlock()->addJITAddIC(arithProfile, instruction);
+    JITAddIC* addIC = m_jit.codeBlock()->addJITAddIC(arithProfile);
     auto repatchingFunction = operationValueAddOptimize;
     auto nonRepatchingFunction = operationValueAdd;
@@ -3979 +3978 @@
         unsigned bytecodeIndex = node->origin.semantic.bytecodeIndex();
         ArithProfile* arithProfile = baselineCodeBlock->arithProfileForBytecodeOffset(bytecodeIndex);
-        const Instruction* instruction = baselineCodeBlock->instructions().at(bytecodeIndex).ptr();
-        JITSubIC* subIC = m_jit.codeBlock()->addJITSubIC(arithProfile, instruction);
+        JITSubIC* subIC = m_jit.codeBlock()->addJITSubIC(arithProfile);
         auto repatchingFunction = operationValueSubOptimize;
         auto nonRepatchingFunction = operationValueSub;
@@ -4574 +4572 @@
     unsigned bytecodeIndex = node->origin.semantic.bytecodeIndex();
     ArithProfile* arithProfile = baselineCodeBlock->arithProfileForBytecodeOffset(bytecodeIndex);
-    const Instruction* instruction = baselineCodeBlock->instructions().at(bytecodeIndex).ptr();
-    JITNegIC* negIC = m_jit.codeBlock()->addJITNegIC(arithProfile, instruction);
+    JITNegIC* negIC = m_jit.codeBlock()->addJITNegIC(arithProfile);
     auto repatchingFunction = operationArithNegateOptimize;
     auto nonRepatchingFunction = operationArithNegate;
@@ -4798 +4795 @@
     unsigned bytecodeIndex = node->origin.semantic.bytecodeIndex();
     ArithProfile* arithProfile = baselineCodeBlock->arithProfileForBytecodeOffset(bytecodeIndex);
-    const Instruction* instruction = baselineCodeBlock->instructions().at(bytecodeIndex).ptr();
-    JITMulIC* mulIC = m_jit.codeBlock()->addJITMulIC(arithProfile, instruction);
+    JITMulIC* mulIC = m_jit.codeBlock()->addJITMulIC(arithProfile);
     auto repatchingFunction = operationValueMulOptimize;
     auto nonRepatchingFunction = operationValueMul;

trunk/Source/JavaScriptCore/ftl/FTLExitValue.cpp

@@ -39 +39 @@
     ExitValue result;
     result.m_kind = ExitValueMaterializeNewObject;
-    result.u.newObjectMaterializationData = data;
+    UnionType u;
+    u.newObjectMaterializationData = data;
+    result.m_value = WTFMove(u);
     return result;
 }

trunk/Source/JavaScriptCore/ftl/FTLExitValue.h

@@ -46 +46 @@
 // the call.
 
-enum ExitValueKind {
+enum ExitValueKind : uint8_t {
     InvalidExitValue,
     ExitValueDead,
@@ -80 +80 @@
         ExitValue result;
         result.m_kind = ExitValueInJSStack;
-        result.u.virtualRegister = reg.offset();
+        UnionType u;
+        u.virtualRegister = reg.offset();
+        result.m_value = WTFMove(u);
         return result;
     }
@@ -88 +90 @@
         ExitValue result;
         result.m_kind = ExitValueInJSStackAsInt32;
-        result.u.virtualRegister = reg.offset();
+        UnionType u;
+        u.virtualRegister = reg.offset();
+        result.m_value = WTFMove(u);
         return result;
     }
@@ -96 +100 @@
         ExitValue result;
         result.m_kind = ExitValueInJSStackAsInt52;
-        result.u.virtualRegister = reg.offset();
+        UnionType u;
+        u.virtualRegister = reg.offset();
+        result.m_value = WTFMove(u);
         return result;
     }
@@ -104 +110 @@
         ExitValue result;
         result.m_kind = ExitValueInJSStackAsDouble;
-        result.u.virtualRegister = reg.offset();
+        UnionType u;
+        u.virtualRegister = reg.offset();
+        result.m_value = WTFMove(u);
         return result;
     }
@@ -112 +120 @@
         ExitValue result;
         result.m_kind = ExitValueConstant;
-        result.u.constant = JSValue::encode(value);
+        UnionType u;
+        u.constant = JSValue::encode(value);
+        result.m_value = WTFMove(u);
         return result;
     }
@@ -120 +130 @@
         ExitValue result;
         result.m_kind = ExitValueArgument;
-        result.u.argument = argument.representation();
+        UnionType u;
+        u.argument = argument.representation();
+        result.m_value = WTFMove(u);
         return result;
     }
@@ -149 +161 @@
     {
         ASSERT(isArgument());
-        return ExitArgument(u.argument);
+        return ExitArgument(m_value.get().argument);
     }
     
@@ -156 +168 @@
         ASSERT(hasIndexInStackmapLocations());
         ASSERT(isArgument());
+        UnionType u = m_value.get();
         u.argument.argument += offset;
+        m_value = WTFMove(u);
     }
     
@@ -162 +176 @@
     {
         ASSERT(isConstant());
-        return JSValue::decode(u.constant);
+        return JSValue::decode(m_value.get().constant);
     }
     
@@ -168 +182 @@
     {
         ASSERT(isInJSStackSomehow());
-        return VirtualRegister(u.virtualRegister);
+        return VirtualRegister(m_value.get().virtualRegister);
     }
     
@@ -174 +188 @@
     {
         ASSERT(isObjectMaterialization());
-        return u.newObjectMaterializationData;
+        return m_value.get().newObjectMaterializationData;
     }
 
@@ -182 +196 @@
         ExitValue result;
         result.m_kind = m_kind;
-        result.u.virtualRegister = virtualRegister.offset();
+        UnionType u;
+        u.virtualRegister = virtualRegister.offset();
+        result.m_value = WTFMove(u);
         return result;
     }
@@ -201 +217 @@
 private:
     ExitValueKind m_kind;
-    union {
+    union UnionType {
         ExitArgumentRepresentation argument;
         EncodedJSValue constant;
         int virtualRegister;
         ExitTimeObjectMaterialization* newObjectMaterializationData;
-    } u;
+    };
+    Packed<UnionType> m_value;
 };
 

trunk/Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp

@@ -2071 +2071 @@
         unsigned bytecodeIndex = m_node->origin.semantic.bytecodeIndex();
         ArithProfile* arithProfile = baselineCodeBlock->arithProfileForBytecodeOffset(bytecodeIndex);
-        const Instruction* instruction = baselineCodeBlock->instructions().at(bytecodeIndex).ptr();
         auto repatchingFunction = operationValueAddOptimize;
         auto nonRepatchingFunction = operationValueAdd;
-        compileBinaryMathIC<JITAddGenerator>(arithProfile, instruction, repatchingFunction, nonRepatchingFunction);
+        compileBinaryMathIC<JITAddGenerator>(arithProfile, repatchingFunction, nonRepatchingFunction);
     }
 
@@ -2091 +2090 @@
         unsigned bytecodeIndex = m_node->origin.semantic.bytecodeIndex();
         ArithProfile* arithProfile = baselineCodeBlock->arithProfileForBytecodeOffset(bytecodeIndex);
-        const Instruction* instruction = baselineCodeBlock->instructions().at(bytecodeIndex).ptr();
         auto repatchingFunction = operationValueSubOptimize;
         auto nonRepatchingFunction = operationValueSub;
-        compileBinaryMathIC<JITSubGenerator>(arithProfile, instruction, repatchingFunction, nonRepatchingFunction);
+        compileBinaryMathIC<JITSubGenerator>(arithProfile, repatchingFunction, nonRepatchingFunction);
     }
 
@@ -2111 +2109 @@
         unsigned bytecodeIndex = m_node->origin.semantic.bytecodeIndex();
         ArithProfile* arithProfile = baselineCodeBlock->arithProfileForBytecodeOffset(bytecodeIndex);
-        const Instruction* instruction = baselineCodeBlock->instructions().at(bytecodeIndex).ptr();
         auto repatchingFunction = operationValueMulOptimize;
         auto nonRepatchingFunction = operationValueMul;
-        compileBinaryMathIC<JITMulGenerator>(arithProfile, instruction, repatchingFunction, nonRepatchingFunction);
+        compileBinaryMathIC<JITMulGenerator>(arithProfile, repatchingFunction, nonRepatchingFunction);
     }
 
     template <typename Generator, typename Func1, typename Func2,
         typename = std::enable_if_t<std::is_function<typename std::remove_pointer<Func1>::type>::value && std::is_function<typename std::remove_pointer<Func2>::type>::value>>
-    void compileUnaryMathIC(ArithProfile* arithProfile, const Instruction* instruction, Func1 repatchingFunction, Func2 nonRepatchingFunction)
+    void compileUnaryMathIC(ArithProfile* arithProfile, Func1 repatchingFunction, Func2 nonRepatchingFunction)
     {
         Node* node = m_node;
@@ -2145 +2142 @@
 
                 Box<MathICGenerationState> mathICGenerationState = Box<MathICGenerationState>::create();
-                JITUnaryMathIC<Generator>* mathIC = jit.codeBlock()->addMathIC<Generator>(arithProfile, instruction);
+                JITUnaryMathIC<Generator>* mathIC = jit.codeBlock()->addMathIC<Generator>(arithProfile);
                 mathIC->m_generator = Generator(JSValueRegs(params[0].gpr()), JSValueRegs(params[1].gpr()), params.gpScratch(0));
 
@@ -2205 +2202 @@
     template <typename Generator, typename Func1, typename Func2,
         typename = std::enable_if_t<std::is_function<typename std::remove_pointer<Func1>::type>::value && std::is_function<typename std::remove_pointer<Func2>::type>::value>>
-    void compileBinaryMathIC(ArithProfile* arithProfile, const Instruction* instruction, Func1 repatchingFunction, Func2 nonRepatchingFunction)
+    void compileBinaryMathIC(ArithProfile* arithProfile, Func1 repatchingFunction, Func2 nonRepatchingFunction)
     {
         Node* node = m_node;
@@ -2239 +2236 @@
 
                 Box<MathICGenerationState> mathICGenerationState = Box<MathICGenerationState>::create();
-                JITBinaryMathIC<Generator>* mathIC = jit.codeBlock()->addMathIC<Generator>(arithProfile, instruction);
+                JITBinaryMathIC<Generator>* mathIC = jit.codeBlock()->addMathIC<Generator>(arithProfile);
                 mathIC->m_generator = Generator(leftOperand, rightOperand, JSValueRegs(params[0].gpr()),
                     JSValueRegs(params[1].gpr()), JSValueRegs(params[2].gpr()), params.fpScratch(0),
@@ -2373 +2370 @@
             unsigned bytecodeIndex = m_node->origin.semantic.bytecodeIndex();
             ArithProfile* arithProfile = baselineCodeBlock->arithProfileForBytecodeOffset(bytecodeIndex);
-            const Instruction* instruction = baselineCodeBlock->instructions().at(bytecodeIndex).ptr();
             auto repatchingFunction = operationValueSubOptimize;
             auto nonRepatchingFunction = operationValueSub;
-            compileBinaryMathIC<JITSubGenerator>(arithProfile, instruction, repatchingFunction, nonRepatchingFunction);
+            compileBinaryMathIC<JITSubGenerator>(arithProfile, repatchingFunction, nonRepatchingFunction);
             break;
         }
@@ -3024 +3020 @@
         unsigned bytecodeIndex = m_node->origin.semantic.bytecodeIndex();
         ArithProfile* arithProfile = baselineCodeBlock->arithProfileForBytecodeOffset(bytecodeIndex);
-        const Instruction* instruction = baselineCodeBlock->instructions().at(bytecodeIndex).ptr();
         auto repatchingFunction = operationArithNegateOptimize;
         auto nonRepatchingFunction = operationArithNegate;
-        compileUnaryMathIC<JITNegGenerator>(arithProfile, instruction, repatchingFunction, nonRepatchingFunction);
+        compileUnaryMathIC<JITNegGenerator>(arithProfile, repatchingFunction, nonRepatchingFunction);
     }
 

trunk/Source/JavaScriptCore/jit/CachedRecovery.h

@@ -124 +124 @@
     FPRReg wantedFPR() const { return m_wantedFPR; }
 private:
+    Vector<VirtualRegister, 1> m_targets;
     ValueRecovery m_recovery;
     JSValueRegs m_wantedJSValueRegs;
     FPRReg m_wantedFPR { InvalidFPRReg };
-    Vector<VirtualRegister, 1> m_targets;
 };
 

trunk/Source/JavaScriptCore/jit/CallFrameShuffleData.h

@@ -36 +36 @@
     WTF_MAKE_FAST_ALLOCATED;
 public:
-    ValueRecovery callee;
     Vector<ValueRecovery> args;
     unsigned numLocals { UINT_MAX };
@@ -46 +45 @@
     void setupCalleeSaveRegisters(CodeBlock*);
 #endif
+    ValueRecovery callee;
 };
 

trunk/Source/JavaScriptCore/jit/JITArithmetic.cpp

@@ -454 +454 @@
 {
     ArithProfile* arithProfile = &currentInstruction->as<OpNegate>().metadata(m_codeBlock).m_arithProfile;
-    JITNegIC* negateIC = m_codeBlock->addJITNegIC(arithProfile, currentInstruction);
+    JITNegIC* negateIC = m_codeBlock->addJITNegIC(arithProfile);
     m_instructionToMathIC.add(currentInstruction, negateIC);
     emitMathICFast<OpNegate>(negateIC, currentInstruction, operationArithNegateProfiled, operationArithNegate);
@@ -642 +642 @@
 {
     ArithProfile* arithProfile = &currentInstruction->as<OpAdd>().metadata(m_codeBlock).m_arithProfile;
-    JITAddIC* addIC = m_codeBlock->addJITAddIC(arithProfile, currentInstruction);
+    JITAddIC* addIC = m_codeBlock->addJITAddIC(arithProfile);
     m_instructionToMathIC.add(currentInstruction, addIC);
     emitMathICFast<OpAdd>(addIC, currentInstruction, operationValueAddProfiled, operationValueAdd);
@@ -961 +961 @@
 {
     ArithProfile* arithProfile = &currentInstruction->as<OpMul>().metadata(m_codeBlock).m_arithProfile;
-    JITMulIC* mulIC = m_codeBlock->addJITMulIC(arithProfile, currentInstruction);
+    JITMulIC* mulIC = m_codeBlock->addJITMulIC(arithProfile);
     m_instructionToMathIC.add(currentInstruction, mulIC);
     emitMathICFast<OpMul>(mulIC, currentInstruction, operationValueMulProfiled, operationValueMul);
@@ -977 +977 @@
 {
     ArithProfile* arithProfile = &currentInstruction->as<OpSub>().metadata(m_codeBlock).m_arithProfile;
-    JITSubIC* subIC = m_codeBlock->addJITSubIC(arithProfile, currentInstruction);
+    JITSubIC* subIC = m_codeBlock->addJITSubIC(arithProfile);
     m_instructionToMathIC.add(currentInstruction, subIC);
     emitMathICFast<OpSub>(subIC, currentInstruction, operationValueSubProfiled, operationValueSub);

trunk/Source/JavaScriptCore/jit/JITMathIC.h

@@ -57 +57 @@
     WTF_MAKE_FAST_ALLOCATED;
 public:
-    JITMathIC(ArithProfile* arithProfile, const Instruction* instruction)
+    JITMathIC(ArithProfile* arithProfile)
         : m_arithProfile(arithProfile)
-        , m_instruction(instruction)
     {
     }
@@ -226 +225 @@
 
     ArithProfile* arithProfile() const { return m_arithProfile; }
-    const Instruction* instruction() const { return m_instruction; }
 
 #if ENABLE(MATH_IC_STATS)
@@ -240 +238 @@
 
     ArithProfile* m_arithProfile;
-    const Instruction* m_instruction;
     MacroAssemblerCodeRef<JITStubRoutinePtrTag> m_code;
     CodeLocationLabel<JSInternalPtrTag> m_inlineStart;
@@ -257 +254 @@
 class JITBinaryMathIC : public JITMathIC<GeneratorType, isBinaryProfileEmpty> {
 public:
-    JITBinaryMathIC(ArithProfile* arithProfile, const Instruction* instruction)
-        : JITMathIC<GeneratorType, isBinaryProfileEmpty>(arithProfile, instruction)
+    JITBinaryMathIC(ArithProfile* arithProfile)
+        : JITMathIC<GeneratorType, isBinaryProfileEmpty>(arithProfile)
     {
     }
@@ -275 +272 @@
 class JITUnaryMathIC : public JITMathIC<GeneratorType, isUnaryProfileEmpty> {
 public:
-    JITUnaryMathIC(ArithProfile* arithProfile, const Instruction* instruction)
-        : JITMathIC<GeneratorType, isUnaryProfileEmpty>(arithProfile, instruction)
+    JITUnaryMathIC(ArithProfile* arithProfile)
+        : JITMathIC<GeneratorType, isUnaryProfileEmpty>(arithProfile)
     {
     }

trunk/Source/JavaScriptCore/jit/PolymorphicCallStubRoutine.h

@@ -39 +39 @@
 class CallLinkInfo;
 
-class PolymorphicCallNode : public BasicRawSentinelNode<PolymorphicCallNode> {
+class PolymorphicCallNode : public PackedRawSentinelNode<PolymorphicCallNode> {
     WTF_MAKE_NONCOPYABLE(PolymorphicCallNode);
 public:
@@ -51 +51 @@
     void unlink(VM&);
 
-    bool hasCallLinkInfo(CallLinkInfo* info) { return m_callLinkInfo == info; }
+    bool hasCallLinkInfo(CallLinkInfo* info) { return m_callLinkInfo.get() == info; }
     void clearCallLinkInfo();
     
 private:
-    CallLinkInfo* m_callLinkInfo;
+    PackedPtr<CallLinkInfo> m_callLinkInfo;
 };
 

trunk/Source/JavaScriptCore/jit/SnippetOperand.h

@@ -29 +29 @@
 
 #include "ResultType.h"
+#include <wtf/Packed.h>
 
 namespace JSC {
 
 class SnippetOperand {
-    enum ConstOrVarType {
+    enum ConstOrVarType : uint8_t {
         Variable,
         ConstInt32,
@@ -56 +57 @@
     bool isPositiveConstInt32() const { return isConstInt32() && asConstInt32() > 0; }
 
-    int64_t asRawBits() const { return m_val.rawBits; }
+    int64_t asRawBits() const { return m_val.get().rawBits; }
 
     int32_t asConstInt32() const
     {
         ASSERT(m_type == ConstInt32);
-        return m_val.int32Val;
+        return m_val.get().int32Val;
     }
 
@@ -67 +68 @@
     {
         ASSERT(m_type == ConstDouble);
-        return m_val.doubleVal;
+        return m_val.get().doubleVal;
     }
 
@@ -81 +82 @@
     {
         m_type = ConstInt32;
-        m_val.int32Val = value;
+        UnionType u;
+        u.int32Val = value;
+        m_val = WTFMove(u);
     }
 
@@ -87 +90 @@
     {
         m_type = ConstDouble;
-        m_val.doubleVal = value;
+        UnionType u;
+        u.doubleVal = value;
+        m_val = WTFMove(u);
     }
 
@@ -93 +98 @@
     ResultType m_resultType;
     ConstOrVarType m_type { Variable };
-    union {
+    union UnionType {
         int32_t int32Val;
         double doubleVal;
         int64_t rawBits;
-    } m_val;
+    };
+    Packed<UnionType> m_val;
 };
+static_assert(alignof(SnippetOperand) == 1);
 
 } // namespace JSC

trunk/Source/WTF/ChangeLog

@@ +1 @@
+2019-05-13  Yusuke Suzuki  <ysuzuki@apple.com>
+
+        [JSC] Compress miscelaneous JIT related data structures with Packed<>
+        https://bugs.webkit.org/show_bug.cgi?id=197830
+
+        Reviewed by Saam Barati.
+
+        * wtf/Packed.h:
+        (WTF::alignof):
+
 2019-05-13  Michael Catanzaro  <mcatanzaro@igalia.com>
 

trunk/Source/WTF/wtf/Packed.h

@@ -162 +162 @@
     T& operator*() const { return *get(); }
     bool operator!() const { return !get(); }
+    explicit operator bool() const { return get(); }
 
     PackedAlignedPtr& operator=(T* value)